Aspera Web Applications (Faspex, Console) and On Demand products have addressed the following OpenSSL vulnerability.
CVEID:CVE-2017-7468 *DESCRIPTION: ** No CVE description.
CVSS Base Score: 3.1
CVSS Temporal Score: See [Not Applicable](<https://psirt.raleigh.ibm.com/teamworks/Not Applicable>) for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)
IBM Aspera Faspex 4.1.0
IBM Aspera Console 3.2.0
IBM Aspera Faspex Server on Demand 3.7.3
For IBM Aspera (Faspex, Console) the issue can be fixed by downloading the following new versions.
On Demand customers should download a related product release for their On Demand image from the following.
Product | VRMF | APAR | Remediation/First Fix |
---|---|---|---|
IBM Aspera Faspex | 4.2.0 or Higher | None | <https://downloads.asperasoft.com/en/downloads/6> |
IBM Aspera Console | 3.3.0 or Higher | None | <https://downloads.asperasoft.com/en/downloads/34> |
CPE | Name | Operator | Version |
---|---|---|---|
ibm aspera | eq | any |